--- recepies/lxc/ve2lxc.sh	2009/05/21 15:46:59	92
+++ recepies/lxc/ve2lxc.sh	2009/05/21 15:55:27	93
@@ -3,6 +3,7 @@
 test -z "$1" && echo "usage: $0 /path/to/ve/private [10.60.0.253]" && exit
 
 dir=$1
+hostname=ve2lxc
 ip=$2
 netmask=255.255.254.0
 
@@ -30,17 +31,11 @@
 	cp $path $path.old && mv $tmp $path
 fi
 
-conf=/tmp/ve2lxc.conf
-cp ve2lxc.conf $conf || exit
-echo "lxc.rootfs = $dir" >> $conf
-
 lxc-stop -n ve2lxc
 lxc-destroy -n ve2lxc
 
 test -d /cgroup || mkdir /cgroup
-if ! grep /cgroup /etc/fstab ; then
-	echo "cgroup /cgroup cgroup rw 0 0" >> /etc/fstab
-fi
+grep /cgroup /etc/fstab || echo "cgroup /cgroup cgroup rw 0 0" >> /etc/fstab
 
 grep eth0 $dir/etc/network/interfaces || cat << __interfaces__ > $dir/etc/network/interfaces
 auto eth0 lo
@@ -53,6 +48,39 @@
 
 __interfaces__
 
+echo $hostname > $dir/etc/hostname
+
+conf=/tmp/ve2lxc.conf
+
+cat << __lxc__ > $conf
+lxc.utsname = $hostname
+lxc.tty = 4
+lxc.pts = 1024
+lxc.network.type = veth
+lxc.network.flags = up
+lxc.network.link = br0
+lxc.network.name = eth0
+lxc.network.mtu = 1500
+#lxc.mount = $MNTFILE
+lxc.rootfs = $dir
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 254:0 rwm
+__lxc__
+
 mount | grep /cgroup || mount /cgroup || exit
 
 lxc-create -n ve2lxc -f $conf && lxc-start -n ve2lxc